Mercurial > hg > nginx
comparison src/event/ngx_event_openssl.c @ 8586:7621ffaa79b3 quic
SSL: added the "ssl_keys_file" directive.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Tue, 15 Sep 2020 22:44:46 +0300 |
| parents | 0875101c08f7 |
| children | 93be5658a250 |
comparison
equal
deleted
inserted
replaced
| 8585:02ee77f8d53d | 8586:7621ffaa79b3 |
|---|---|
| 253 | 253 |
| 254 return NGX_OK; | 254 return NGX_OK; |
| 255 } | 255 } |
| 256 | 256 |
| 257 | 257 |
| 258 void | |
| 259 ngx_ssl_keylogger(const ngx_ssl_conn_t *ssl_conn, const char *line) | |
| 260 { | |
| 261 u_char *p; | |
| 262 size_t len; | |
| 263 ssize_t n; | |
| 264 ngx_connection_t *c; | |
| 265 ngx_ssl_connection_t *sc; | |
| 266 | |
| 267 if (line == NULL) { | |
| 268 return; | |
| 269 } | |
| 270 | |
| 271 len = ngx_strlen(line); | |
| 272 | |
| 273 if (len == 0) { | |
| 274 return; | |
| 275 } | |
| 276 | |
| 277 c = ngx_ssl_get_connection(ssl_conn); | |
| 278 sc = c->ssl; | |
| 279 | |
| 280 p = ngx_alloc(len + 1, c->log); | |
| 281 if (p == NULL) { | |
| 282 return; | |
| 283 } | |
| 284 | |
| 285 ngx_memcpy(p, line, len); | |
| 286 p[len] = '\n'; | |
| 287 | |
| 288 n = ngx_write_fd(sc->keylog->fd, p, len + 1); | |
| 289 if (n == -1) { | |
| 290 ngx_log_error(NGX_LOG_ALERT, c->log, ngx_errno, | |
| 291 ngx_write_fd_n " to \"%s\" failed", | |
| 292 sc->keylog->name.data); | |
| 293 | |
| 294 } else if ((size_t) n != len + 1) { | |
| 295 ngx_log_error(NGX_LOG_ALERT, c->log, 0, | |
| 296 ngx_write_fd_n " to \"%s\" was incomplete: %z of %uz", | |
| 297 sc->keylog->name.data, n, len + 1); | |
| 298 } | |
| 299 } | |
| 300 | |
| 301 | |
| 258 ngx_int_t | 302 ngx_int_t |
| 259 ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data) | 303 ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data) |
| 260 { | 304 { |
| 261 ssl->ctx = SSL_CTX_new(SSLv23_method()); | 305 ssl->ctx = SSL_CTX_new(SSLv23_method()); |
| 262 | 306 |
| 1513 | 1557 |
| 1514 sc = ngx_pcalloc(c->pool, sizeof(ngx_ssl_connection_t)); | 1558 sc = ngx_pcalloc(c->pool, sizeof(ngx_ssl_connection_t)); |
| 1515 if (sc == NULL) { | 1559 if (sc == NULL) { |
| 1516 return NGX_ERROR; | 1560 return NGX_ERROR; |
| 1517 } | 1561 } |
| 1562 | |
| 1563 sc->keylog = ssl->keylog; | |
| 1518 | 1564 |
| 1519 sc->buffer = ((flags & NGX_SSL_BUFFER) != 0); | 1565 sc->buffer = ((flags & NGX_SSL_BUFFER) != 0); |
| 1520 sc->buffer_size = ssl->buffer_size; | 1566 sc->buffer_size = ssl->buffer_size; |
| 1521 | 1567 |
| 1522 sc->session_ctx = ssl->ctx; | 1568 sc->session_ctx = ssl->ctx; |